Need to print time in human readable format
Hello! Team,
1.
I need to get the time in human readable format with the use of the below command :
tshark -r file.cap.gz -q -z diameter,avp,272,CC-Request-Type,CC-Request-Number,Rating-Group,Result-Code
frame='19857' time='1616436616.267048' src='172.21.198.162' srcport='35102' dst='172.20.56.36' dstport='3868' proto='diameter' msgnr='0' is_request='1' cmd='272' req_frame='19857' ans_frame='0' resp_time='0.000000' CC-Request-Type='1' CC-Request-Number='0' Rating-Group='8'
Currently, it shows the unix timestamp.
2.
With the below command, i am not getting the col.Info
TZ=EST5EDT tshark -nr kub2-4.wlk-mtce-1.vzwops.com-20210322181013.pcap.gz -T fields -E separator=',' -e frame.time -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport -e proto -e diameter.flags.request -e diameter.cmd.code -e diameter.answer_to -e diameter.answer_in -e diameter.resp_time -e diameter.Session-Id -e diameter.CC-Request-Type -e diameter.CC-Request-Number -e diameter.Result-code -e col.Info
Running as user "root" and group "asifa". This could be dangerous.
Mar 22, 2021 14:10:13.953618000,,,,,,,,,,,,,,,
Mar 22, 2021 14:10:13.950131000,172.18.120.6,32770,172.18.120.5,1029,,,,,,,,,,,
Mar 22, 2021 14:10:13.950585000,172.21.198.154,40896,172.20.56.6,3009,,,,,,,,,,,
Mar 22, 2021 14:10:13.950600000,172.21.198.154,40896,172.20.56.6,3009,,,,,,,,,,,
Mar 22, 2021 14:10:13.951051000,172.21.198.154,40902,172.20.56.6,3009,,,,,,,,,,,
Mar 22, 2021 14:10:13.951062000,172.21.198.154,40902,172.20.56.6,3009,,,,,,,,,,,
Mar 22, 2021 14:10:13.951089000,172.21.198.154,44484,172.20.56.6,3009,,,,,,,,,,,
Mar 22, 2021 14:10:13.951102000,172.21.198.154,44484,172.20.56.6,3009,,,,,,,,,,,
[root@pcrf125 vz]# tshark -v
TShark 1.8.10 (SVN Rev Unknown from unknown)
Copyright 1998-2013 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GLib 2.28.8, with libpcap, with libz 1.2.3, without POSIX
capabilities, with SMI 0.4.8, without c-ares, without ADNS, without Lua, without
Python, with GnuTLS 2.8.5, with Gcrypt 1.4.5, with MIT Kerberos, without GeoIP.
Running on Linux 2.6.32-504.16.2.el6.x86_64, with locale en_US.UTF-8, with
libpcap version 1.4.0, with libz 1.2.3.
Built using gcc 4.4.7 20120313 (Red Hat 4.4.7-15).[root@pcrf125 vz]# tshark -v
TShark 1.8.10 (SVN Rev Unknown from unknown)
Copyright 1998-2013 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GLib 2.28.8, with libpcap, with libz 1.2.3, without POSIX
capabilities, with SMI 0.4.8, without c-ares, without ADNS, without Lua, without
Python, with GnuTLS ...add a comment